Working with Permission groups

Google Security Operations allows creating different sets of user groups and then assigning them different levels of permissions to different modules.
There are seven predefined sets of Permission groups:

  • Readers
  • Admins
  • Basic
  • View-Only
  • Collaborators
  • Managed User
  • Managed-Plus User
    • permissions1

The predefined Admins group has predefined Edit rights to the All Environments thereby allowing them to view data from all environments in the system. When creating a new permissions group, it is recommended to think carefully before allowing edit rights to All Environments.

Edit Permissions Group

To edit an existing permissions group:

  1. Navigate to Settings > Organizations > Permissions.
  2. Select the required Permissions Group.
  3. Each feature appears with a toggle button to allow or deny a user access. If the toggle button is off, then the module does not appear at all. If the toggle button is on, then you can decide for each feature which permissions to allow the user to have.
  4. When finished, make sure to click Save on the top right of the screen.

Add new Permissions Group

To add a new permissions group:

  1. Navigate to Settings > Organizations > Permissions.
  2. Click the Add Permissions group. A New Group is added to the list on the left.
  3. Fill out the following areas on the screen:
    1. Your cursor will automatically be placed next to the title of New Group. Delete the words New Group and add in your own name for the new Group. For example, Tier One.
    2. Select the required User Type in the drop-down list.
      3. permissions2
    3. Select the landing page that you want this User Group to land on when they first log in.
    4. Decide what type of permissions you want for each module.
  4. When finished, make sure to click Save. Note that at any time, you can make changes and then re-Save. You can also duplicate permission groups for easier editing.
    5. permissions3
  5. Make sure to click the blue Save button on the top right of the screen.

Restrict Actions

You can also use Restrictions as a way of preventing access to certain types of actions from certain permission groups. For example, as an MSSP, you might have separate SOC Manager groups for separate environments.

  1. Click on the required permission group.
  2. In the Restricted Actions section, click and choose the Actions which this permission group will not be able to perform.
  3. Click Add and then click Save.
    4. permissions4